SEPA Secure payments using Checkout

XGateway supports deposits with the preliminary creation of invoices at a fixed exchange rate. This is the recommended integration method, as it provides merchants with ready-made UI for accepting deposits in crypto assets.

Creating an invoice

VPN usage may block a customer from passing KYC checks. It is highly recommended to warn customers not to use VPN (including Apple Private Relay).

In order to create a Fixed Rate Invoice in the payment processing system, you need to make a POST request to the Invoice API endpoint.

URLs

For tests use Demo env:

https://api.demo.xgateway.tech/api/v2/invoices

For production:

https://api.xgateway.tech/api/v2/invoices

The XGateway provides one API endpoint, which automatically defines a corresponding payment method based on the input parameters provided by the merchant. Below are examples of a payload to create an invoice for a SEPA Secure deposit in such currencies as EUR or GBP.

The system will skip all XGateway intermediate pages and redirect the customer directly to the payment method, but only if all required data is provided. Integration can be implemented and tested with the mandatory fields alone; however, it is highly recommended to proceed with pre-filled forms, as this can dramatically simplify the flow for the end user and improve conversion. Please don't forget to check the pre-population section and the guide on conversion optimisation down below.

Please read this page about the difference between base currency and payment currency.

Create an invoice:

{
    "orderId": "order-test-prod",
    "customerId": "test-prod2025",
    "baseCurrency": "EUR",
    "amount": 100
}

Create and activate invoice (opens the payment method directly):

{
    "orderId": "order-test-prod",
    "customerId": "test-prod2025",
    "baseCurrency": "EUR",
    "amount": 100,
    "paymentCurrency": "EUR",
    "customerFirstName": "John",
    "customerLastName": "Doe",
    "customerEmail": "[email protected]",
    "customerCountry": "AU"
}

If you get a bad request response without exact information about the erroneous field, please check the syntax of the request.

The request returns a link to a correspondingly configured Checkout page.

The Checkout page will lead the customer through a KYC if this is the first deposit.

A KYC process on production environment usually takes up to 3 minutes. In some cases, when a customer is sent for a manual review, the process may take up to 24 hours.

If the KYC is soft failed (for example, due to address or date of birth mismatch), the Checkout page will allow the customer to go through the KYC again and correct the error.

This Checkout page will eventually provide the customer with a virtual bank account number (IBAN) that must be used as an address for deposits.

The created IBAN remains active forever, considering the customer is active. If the IBAN was not used at all or was used long time ago (3 to 6 months ago) - XGateway team may deactivate the IBAN.

Remember to authorise the request with your key using x-api-key header.

The default lifetime of an invoice is 15 minutes.

iFrame or redirect

The URL returned by the invoice creation API can be used in two ways: as a redirect or within an iFrame.

In case of a redirect, the user is sent to a new page, where they complete the payment. This can be done using a new tab too. A redirect is an option with less effort. When the deposit is done, the user is redirected back to your app: either to the dynamic URL specified in the redirectUrl parameter or to a pre-set static URL.

The invoice URL may also be used in an iFrame. Please check this page for detailed instructions on the iFrame setup.

Limits

The invoice creation API validates the amount value.

An invoice will not be created, if the amount exceeds the limits.

Invoice limits
Currency
Min value
Max value

EUR

1

-

GBP

1

-

USD

1

-

Processing a callback

When a customer makes a deposit using a cryptocurrency, XGateway detects the transaction and sends a deposit callback to the merchant. Below is an example of such a callback. For detailed information, please visit this page.

Callback example
{
   "callbackType":"transaction",
   "amount":"200",
   "applicationId":null,
   "currency":"EUR",
   "customerId":"000394",
   "hash":"...",
   "id":"7e71d132-d80d-4140-8e60-9c89d0bd9eed",
   "invoiceId":"184e9933-1526-...-fe567091b5bd",
   "network":"tron",
   "orderId":null,
   "status":"confirmed",
   "transactionHash":null,
   "type":"deposit",
   "info":{
      "exchangeRate":"1.03759",
      "referenceAmount":"207.52",
      "referenceCurrency":"USD",
      "referenceExchangeRate":"1.000065",
      "transactionAmount":"207.51518",
      "transactionCurrency":"tUSDT"
   },
   "fees":{
      "processing":"7.263031",
      "technical":null
   },
   "eur":"200.12",
   "usd":"207.52"
}

Callbacks for Withdraw requests will be sent to the same URL. Make sure to properly filter callbacks by type.

Confirming a transaction

Due to security risks, merchants must use our API endpoint to request transaction details. XGateway is not liable for issues caused by relying only on callback data.

To confirm the callback is valid, please use the API endpoint.

Testing SEPA Secure deposits on Demo environment

Check this page for ways to test the integration.

Improving the conversion rate of bank transfers

Default flow

The standard bank transfer deposit flow includes four key steps:

  1. KYC Form – The customer enters personal details like address, country, city, and postcode.

  2. KYC Verification (SumSub Widget) – The customer uploads proof of address and identity.

  3. Bank Account Creation Form – The customer provides their first name, last name, email, and other details to create a bank account.

  4. Requisites Page – The IBAN is displayed to the customer.

Steps 1 and 2 are always required and must be completed via our checkout page before a bank account can be created. Step 3 is optional though.

  • Experience:

    • 4 steps for first invoice setup

    • 2 steps for recurring payments

  • Impact: Slower onboarding and more friction for returning users

Optimised Flow with Optional Fields

While the base Invoice creation flow only requires mandatory fields, including the following optional fields during invoice creation can significantly streamline the user experience:

  • paymentCurrency

  • customerCountry

  • customerFirstName

  • customerLastName

  • customerEmail

These values are usually already known when generating an invoice. Supplying them upfront allows the customer to skip the bank account creation form entirely (Step 3).

  • Experience:

    • 3 steps for first invoice setup

    • Direct redirection (1 step) to Requisites page for recurring payments

  • Impact: Seamless user journey and faster payment completion

Comparison of flows with incomplete customer information and fully filled customer data.
PreviousCrypto Payments using CheckoutNextAlternative Payment Methods using Checkout

Last updated